Republicans ask Obama to abandon cybersecurity executive order

More than one dozen members of Congress sent letters to US President Barack Obama on Wednesday opposing the cybersecurity executive order slated to be released any day now by the White House.

Higher-ups within the Obama administration confirmed last month that fruitless attempts by way of Congress to compromise on a comprehensive cybersecurity bill has left the White House with little option but to compose a legislation of their own that will authorize the US Department of Homeland Security to get the ball rolling on protecting America’s wired infrastructure. Now as President Obama is being prepared with an executive order assumed to be authorized from the oval office desk at any moment, some of the country’s top lawmakers are pleading with the commander-in-chief to reconsider his options and look towards Capitol Hill, not the DHS, for a solution.

US Rep. Fred Upton (R-Michigan), Senator Kelly Ayotte (R-New Hampshire), Senator Marco Rubio (R-Florida) and Senator Mike Lee (R-Utah) are among the 11 congressional members of the Republican Party that signed their name to a letter sent to the White House on Thursday asking the president “to rethink the wisdom of an executive order.”

“We urge you not to issue an executive order exerting regulatory influence over the Internet in the name of cybersecurity,” the letter begins, alleging that doing so will allow competing nations including Russia, China and Iran to advance their arguments as they seek “to upend the nonregulatory, multistakeholder governance model that has allowed the Internet to flourish.”

Those nations, the Republicans write, wish “to give the United Nations unprecedented power over Internet infrastructure and content at an International conference in Dubai this December, and to regulate it within their borders under the guise of combating cyber threats. The House and Senate each recently passed resolutions unanimously opposing such attempts to exert regulator control over the Internet,” and, “an ill-advised executive order would undermine” these efforts.

“Lawmakers in both chambers of Congress and on both sides of the aisle agree that cybersecurity is of critical importance to America’s safety and prosperity in the 21st century,” the letter continues. “The House of Representatives has already passed the Cyber Intelligence Sharing and Protection Act (CISPA) to bring the nation’s considerable wealth of public and private sector intelligence to bear on the challenge of securing America’s vital communications networks. A number of proposals continue to be debated in the Senate. The United States has been a beacon of online freedom. Unilateral action altering oversight of the Internet in this country could be interpreted by the rest of the world as a statement of ‘do as I say, not as I do.’”

“While we have not seen your proposed executive order, multiple reports suggest that it would authorize the Department of Homeland Security (DHS) to determine what constitutes ‘critical infrastructure,’ and then adopt certain standards for how such infrastructure is managed to guard against cyberthreats,” the lawmakers add.

Rightfully so, White House Press Secretary Jay Carney confirmed to DC’s The Hill newspaper in August that “the President is determined to do absolutely everything we can to better protect our nation against today’s cyber threats and we will do that,” a claim to which National Security Adviser John Brennan followed-up with a letter from the White House one month later reading, "Specifically, we are exploring an Executive Order to direct executive branch departments and agencies to secure our nation's critical infrastructure by working with the private sector."

Leaked copies perpetrated to be early versions of the executive order have since made their rounds on the Web, and in those drafts the president does indeed delegate the DHS to lay groundwork for a cybersecurity initiative, similar to those debates in Congress during the last few months but seriously lacking earlier safeguards that could have protected the privacy of Americans. Instead, the White House has done little to acknowledge how it would restrict what information offered by consumers to third-party businesses can be exchanged with the government and how they intend on balancing civil liberties with alleged “counterterrorism.”

“Because the majority of the Nation’s crucial infrastructure is owned and operated by the private sector, efforts to strengthen and maintain secure, functioning and resilient critical infrastructure required effective and routine collaboration and information exchange between all levels of government and critical infrastructure owners and operators,”a leaked copy provided last month reads. Elsewhere in the draft,“information sharing”between private and federal entities is considered imperative and a call to arms it made to“facilitate an optimization of resources to advance our collective ability to act when a threat is present or an incident occurs.”

The report in question is assumed to be the just published write-up on DHS-managed fusion centers, massive data-gathering and analyzing facilities across the country that a bipartisan panel of lawmakers recently concluded had collected “crap intelligence” at a cost of over $1 billion that fell short of its mark of countering terrorism.

On Thursday this week, Sen. Joe Lieberman (I-Connecticut) also condemned a cybersecurity bill that won’t be made with the privacy concerns of the average American taken into concern.

“Since Congress has not been able to find common ground on cybersecurity legislation, I appreciate the president's stated intention to fortify the security of critical cybersystems through his executive powers. We know our adversaries are already stealing valuable intellectual property and exploiting our critical infrastructure to prepare for attack,” Sen. Leiberman writes in an op-ed published in The House. “Under the Homeland Security Act of 2002, the Department of Homeland Security has clear authority to conduct risk assessments of critical infrastructure, identify the systems or assets that are most vulnerable to cyberattack, and issue voluntary standards for them to maintain adequate cybersecurity. Executive action is not the best way to protect the United States from cyberattacks. Without congressional action, the president cannot offer liability protections to industry to reward compliance with voluntary security guidelines. Nor can he require industry to report major cyber-intrusions.”

In that same day’s letter from his Republican colleagues, lawmakers write, “An executive order exerting influence over critical infrastructure is not just a step in the wrong substantive direction. It will almost certainly be exploited by other nations to justify their efforts to regulate the Internet. This is a most critical time, and we cannot afford a hasty, unilateral action that will only serve to bolster the efforts of less democratic nations to stifle the very free exchange of ideas and expression that has allowed the Internet to flourish across the globe. For these reasons, we urge you to rethink the wisdom of an executive order.”

Sens. Susan Collins (R-Maine) and Olympia Snowe (R-Maine) also signed their name to a separate letter sent to Washington this week written along with Sen. Richard Lugar (R-Indiana) that pleads, “The ramifications of a national cybersecurity policy for the public and private sectors are significant and deserve the transparency and legitimacy that can be achieved only though the legislative process.”

“As Members who have worked hard to advance Cyber security legislation in the Senate, we believe the legislative process remains the best way to build lasting consensus on an issue that is vital to our national security and our economic prosperity,” they said. “We share your frustration that Congress has not yet completed its work on this legislation, but we remain committed to the legislative process and urge you to continue to work with Congress, rather than acting unilaterally through an executive order.”

The White House has yet to announce when President Obama will sign his name to the executive order.